Electronic mail (referred to as email) has changed the way people communicate. However, email is constantly being threatened by spam email which is unsolicited, junk, etc. Spam is used for a variety of purposes including product advertising, advance fee fraud scams, phishing, virus distribution, etc. According to various studies, upwards of 85% to 90% or more of email is spam. As such, users are turning to various spam detection and isolation techniques to separate spam email from legitimate email. Conventional spam detection methods largely rely on two broad techniques: Sender Reputation and Message Analysis. Sender reputation checks the reputation of the Internet Protocol (IP) address or the like of the sender and its past history. Ill reputed senders are ones that have sent large volumes of spam in the past. Sender reputation analysis may also check for consistency in the sender's domain and IP address in the Domain Name System (DNS) records. Sender IP reputation analysis had been a very effective tool in countering spam in the past. Message reputation looks for keywords (e.g. “free Viagra”) and other patterns in the message body to classify an email as spam. Disadvantageously, spammers are getting sophisticated. For example, they are able to leverage large groups of botnets and infected computers worldwide to send spam. Also, more and more Internet Service Providers (ISPs) are now using Network Address Translation (NAT), where the internal IP address of its subscribers is private. Thus, IP reputation becomes less effective in these scenarios. Spammers are also able to vary messages slightly and send few spam emails from many machines worldwide as opposed to sending bulk mails from one server. This has decreased the effectiveness of traditional spam detection methods.